* A vulnerability was discovered in Tomcat’s handling of pipelined
requests when “Sendfile” was used. If sendfile processing completed
quickly, it was possible for the Processor to be added to the processor
cache twice. This could lead to invalid responses or information
disclosure. (CVE-2017-5647)

* Two vulnerabilities were discovered in Tomcat where if a servlet context
was configured with readonly=false and HTTP PUT requests were allowed, an
attacker could upload a JSP file to that context and achieve code
execution. (CVE-2017-12615, CVE-2017-12617)

* A vulnerability was discovered in Tomcat where the CORS Filter did not
send a “Vary: Origin” HTTP header. This potentially allowed sensitive data
to be leaked to other visitors through both client-side and server-side
caches. (CVE-2017-7674)
—